377B0858
First, use a memory searcher like CE or MHS.
Then, search addresses as if you were going to do OPK
-- Move up and down a ladder ect.
Keep going till you get that address
Then attach a a debugger to Engine.exe and leave Ehsvc.dll as an exception
--- kinda hard to do since you need to hide the debugger from CA
Follow the address you got through the memory and look for the popad line with an offset of +218.
Then open reclass and go some bytes up till you find a VTABLE class
When you found that look at all teh functions in olly..
One function will have a call to another function which has a create call and same for delete call
detour those 2 functions and you will recieve all players addresses / pointers. just log them.
Now shut the fuck up seal
